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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, tiowever, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days w'lW be considered timely. 

- If NO period for reply is specified at»ove, the maximum statutory period will apply and wilt expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed « may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 30 March 2004 . 
2a)l3 This action is FINAL. 2b)n This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Exparfe Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) 13 Claim(s) 1-23 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) S Claim(s) 1-23 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 30 March 2004 is/are: a)S accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action orfornn PTO-152. 

Priority under 35 U.S.C. § 119 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 



3.n Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1 . This communication is responsive to an Amendment B, filed 03/30/04. 

2. Claims 1-23 are pending in this application. Claims 1, 8-9, 12-13, 19-20 and 23 are 
independent claims. In the Amendment B, claims 1-12 are amended, claims 13-23 are new 
claims. This action is made final. 



3. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



4. Claims 1-23 are rejected under 35 U.S.C. 103(a) as being unpatentable over Boebert et al, 
(U.S. Patent No. 5,596,718) in view of Bly et al. (U.S. Patent No. 5,220,657). 
: As to claim 1, 

although, Boebert teaches an interface device (a secure user interface, col 4 lines 10-34) 
comprising: 

a first interface for receiving data from a first zone in a first zone data format 
(workstation 40, col. 4 lines 10-42, col. 5 lines 1-9); 

means for processing said received data through performance of a cryptographic 
operation on at least a portion thereof (col. 5 lines 1-28); 



Claim Rejections - 35 USC §103 
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a second interface for sending said processed data to a second zone in a second zone data 
format (col. 5 lines 35-65, and col. 6 lines 55-61); and 

means arranged to pass said processed data exclusively from said processing means to 
said second interface (col. 5 lines 16-45); Boebert does not clearly show that there is a 
computer/network interface controlling the first and second interfaces on one display screen. Bly 
clearly teaches using a WYSIWIS user interface to control/monitor entire network including 
workstations, sections, servers, etc. (col. 10 lines 1-48, and figs. 1, 5-6, 8a-b, and 9). It would 
have been obvious at the time of the invention, a person with ordinary skill in the art would want 
to have the WYSIWIS useLinte^^^^ for controlling/monitoring network of Bly in the secure user 
interface of Boebert to provide better ways to control and navigate the network. 

As to claim 2, Boebert in view of Bly teaches a computer/network interface device as 
claimed in claim 1 further comprising: 

means arranged to convert said received data in said first zone data format into at least 
one data format other than said first zone data format prior to said data processing (encryption 
before send out to be decrypted for display, col, 4 lines 10-35, and col. 5 lines 46-53). 

As to claim 3, Boebert in view of Bly teaches a computer/network interface device as 
claimed in claim 1 further comprising: 

means arranged to transform the data format of said received data fi-om said first zone at 
least twice prior to said data processing (workstation 40 receives encrypted packets fi*om the 
trusted path subsystem and sends them to the host computer to decrypt for display, col. 5 lines 1- 
9). 
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As to claim 4, Boebert in view of Bly teaches a computer/network interface device as 
claimed in claim 1 in which said first zone data format is packetized data, further comprising: 

means for reading at least one item of identification data fi*om each packet (recognize the 
difference data and keep data from one security level from being mixed into data at a different 
security level, col. 7 lines 15-28); wherein 

said processing means is arranged to process each respective packet in dependence on 
each corresponding item of identification data (col. 7 lines 15-28). 

As to claim 5, Boebert in view of Bly teaches a computer/network interface device as 
claimed in claim 4 further comprising: 

a store for storing one or more rules, each rule being linked with at least one of item of 
identification data (security levels, col. 7 lines 1-28); wherein 

said processing means is arranged to process each packet in dependence upon the rule 
linked with the corresponding item(s) of identification data (col. 7 lines 1-28). 

As to claim 6, Boebert in view of Bly teaches a computer/network interface device as 
claimed in claim 1 wherein one of the first and second interfaces is suitable for connection to a 
host such that the data format utilized by such a connected interface is one utilized by the host 
(col. 6 lines 55-61, and col. 5 lines 16-53). 

As to claim 7, Boebert in view of Bly teaches a computer/network interface device as 
claimed in claim 5 wherein one of the first and second interfaces is suitable for connection to a 
host such that the data format utilized by such a connected interface is one utilized by the host in 
which, in response to receiving at least one control packet including at least an item of control 
identification data and control instructions through the interface not connected to the host and 



Application/Control Number: 09/805,376 Page 5 

Art Unit: 2174 

reading said item of control identification data from a control packet, said processing means is 
arranged to change said rules in said store in dependence upon said corresponding control 
instructions (security levels, col. 7 lines 1-28). 

As to claim 8, this is a combination of claims 1 and 7. Note the rejections of claims 1 and 
7 above. 

As to claims 9-11, they are method claims of system claims 1-3. Note the rejection of 
claims 1-3 above respectively. 

As to claim 12, Boebert in view of Bly teaches a method of operating computer/network 
interface device comprising: 

receiving data at a first interface from a first authorized party in a first data format 
(security levels, col. 7 lines 1-28, col. 4 lines 10-42, and col. 5 lines 1-9 ); 

processing said received data through performance of a computational operation on at 
least a portion thereof (col. 5 lines 1-28); 

passing said processed data exclusively to a second interface (col. 5 lines 1-16); 

sending said processed data from said second interface to a second authorized party in a 
second data format (col 5 lines 35-65, and col. 6 lines 55-61); 

wherein said performance of said computational operation is such that if said sent 
processed data is intercepted by unauthorized party, the recovery of said received data from said 
processed data is computationally unfeasible (col. 5 lines 16-45, and security levels, col. 7 lines 
1-28). 

As to claim 13, ahhough Boebert teaches a computer/network interface device 
comprising: 
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a first port for communication with said computer using a computer data format (col. 4 
lines 35-47); 

a second port for communication with said network using a network data format (network 
protocols, col. 5 lines 1-15); 

means for processing data received from at least one of said ports through performance of 
a cryptographic operation on at least a portion of said received data (col. 5 lines 1-28); and 

means arranged to pass said processed data exclusively from said means for processing to 
the other of said ports (the system assures that only a certain data is transferred to a particular 
user, col. 6 lines 13-40); Boebert does not clearly show that there is a computer/network 
interface controlling the first and second interfaces on one display screen. Bly clearly teaches 
using a WYSIWIS user interface to control/monitor entire network including workstations, 
sections, servers, etc. (col. 10 lines 1-48, and figs, 1, 5-6, 8a-b, and 9). It would have been 
obvious at the time of the invention, a person v^th ordinary skill in the art would want to have 
the WYSIWIS user inte^ for controlling/monitoring network of Bly in the secure user 
interface of Boebert to provide better ways to control and navigate the network. 

As to claim 14-18, they are similar in scopes to claims 2-5, and 7 above; therefore, 
rejected under similar rationale. 

As to claim 19, it is a combination of claims 12 and 13, Note the rejections of claims 12 
and 13 above. 

As to claims 20-23, they are method claims of system claims 12, 14, 15, and 19. Note the 
rejections of claims 12, 14, 15, and 19 above respectively. 
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Response to Arguments 



Applicant's arguments with respect to claims 1-13 have been considered but are moot in 
view of the new ground(s) of rejection. 



Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1. 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS fi'om the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated fi'om the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to True T Chuong whose telephone number is 703-305-5753. The 
examiner can normally be reached on M-Th and alternate Fridays 8:30 AM - 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessfial, the examiner's 
supervisor, Kristine L. Kincaid can be reached on 703-308-0640. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 



Conclusion 
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